0cee24df40e61034369b2233b4701c390132635afcc59a4b7df3983b52335791 | Triage

Sharing

General

Target

c8ee3f4bd11c0ecaa1ac126d7434ce9c_JaffaCakes118
Size

1.1MB
Sample

240829-qy28zavape
MD5

c8ee3f4bd11c0ecaa1ac126d7434ce9c
SHA1

6b0635f240f1197f0cc1f5fe1702f79372267b6d
SHA256

0cee24df40e61034369b2233b4701c390132635afcc59a4b7df3983b52335791
SHA512

eb437fdc1f43032393f1dc9fb790f25b1cf491ca3a57e4dffe36d7502adc069f41685c7fdc61ef3368617ac69a4439e600bac2e9545b2ac39001cbef1125dd6c
SSDEEP

24576:FpzaucfNArAjuzOc2X/7aMGutOMIymshUVgrWvfxkE6N:FpzjnMju39Mx8vyfhUVgRBN

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c8ee3f4bd11c0ecaa1ac126d7434ce9c_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  c8ee3f4bd11c0ecaa1ac126d7434ce9c
- SHA1
  
  6b0635f240f1197f0cc1f5fe1702f79372267b6d
- SHA256
  
  0cee24df40e61034369b2233b4701c390132635afcc59a4b7df3983b52335791
- SHA512
  
  eb437fdc1f43032393f1dc9fb790f25b1cf491ca3a57e4dffe36d7502adc069f41685c7fdc61ef3368617ac69a4439e600bac2e9545b2ac39001cbef1125dd6c
- SSDEEP
  
  24576:FpzaucfNArAjuzOc2X/7aMGutOMIymshUVgrWvfxkE6N:FpzjnMju39Mx8vyfhUVgRBN
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2